Cybersecurity
Cybersecurity is the shared responsibility of every employee and business unit. YOU play a key role in properly safeguarding and using private, sensitive information and state resources. The following are actions we all must take to remain vigilant and safe.

BPS CYBERSECURITY: Report Suspicious Cybersecurity Activity By:
Forwarding suspicious emails to: BPScybersecurity
Mark as spam or phishing if suspicious:
Calling IT Help Desk: (716)-816-3510
If you encounter suspicious activity you can:
Cybersecurity Dos and Don’ts
The following Dos and Don’ts help remind us all of actions we must take to remain vigilant:
1. Secure Passwords:
Use hard-to-guess passwords with a minimum of 10 characters, including uppercase letters, lowercase letters, numbers, and special characters.
Create an acronym for easy recall, like using the initials of a meaningful phrase.
2. Password Management:
Use different passwords for various accounts to prevent compromise if one is hacked.
Keep passwords confidential; do not share or write them down.
3. Protecting Information:
Avoid leaving sensitive information exposed in the office.
Use privacy settings on social media and refrain from sharing private details online.
4. Email Security:
Beware of phishing traps in emails; delete suspicious messages and report them.
Avoid clicking on links from unknown or untrusted sources.
5. Confidentiality:
Never disclose confidential information in response to unsolicited calls or emails.
Destroy unnecessary information properly, both in print and electronic formats.
6. Security Awareness:
Be cautious about surroundings when handling sensitive information.
Do not install unauthorized programs on work computers; verify with IT support.
7. Device Security:
Lock computers and mobile phones when not in use.
Report lost or stolen devices immediately to the manager and security representative.
8. Network Safety:
Avoid public Wi-Fi; use agency-provided virtual private network software when necessary.
Turn off wireless or Bluetooth when not in use and only enable them in secure environments.